
WHAT IS CLAIMED IS: 



1. 



A network management system comprising: 



a client-side authentication library deployed on one or more client computer 
systems, wherein the client-side authentication library comprises a client- 
side interface which is operable to retrieve and encrypt a user profile 
associated with a user, and wherein the client-side library is implemented 
in accordance with a platform-independent interface specification and 
implemented for one or more client platforms respectively corresponding 
to each of the one or more client computer systems; and 

a server-side authentication library deployed on a server computer system coupled 
to the client computer system, wherein the server-side authentication 
library comprises a server-side interface which is operable to receive the 
encrypted user profile from the client-side authentication library and 
decrypt the user profile to authenticate the user for one or more network 
services, and wherein the server-side library is implemented in accordance 
with the platform-independent interface specification and implemented for 
a server platform corresponding to the server computer system. 

2. The network management system of claim 1, wherein the client-side 
authentication library is shared by a plurality of management applications. 

3. The network management system of claim 1, wherein the server-side 
authentication library is shared by a plurality of gateway components. 

4. The network management system of claim 1, wherein the server-side 
authentication library is implemented in C++. 
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5. The network management system of claim 1, wherein the user profile comprises a 
user name and a password. 



6. The network management system of claim 5, wherein the user profile further 
5 comprises a designation of a management information server (MIS) to which the user 

wishes to connect. 

7. The network management system of claim 1, wherein the platform-independent 
interface specification comprises a specification expressed in an interface definition 

10 language (IDL), wherein the interface definition language is operable to define object 
interfaces across a plurality of platforms and across a plurality of programming 
languages. 

8. The network management system of claim 1, wherein the user profile is encrypted 
15 and decrypted according to a user-selected encryption scheme. 

9. The network management system of claim 1, wherein the client-side 
authentication library and the server-side authentication library are operable to 
authenticate requests received by a CORBA gateway, wherein the requests comprise 

20 management requests to one or more managed objects, and wherein the management 
requests are sent by one or more manager applications. 

10. A network management system comprising: 

25 a gateway which is coupled to one or more managers, wherein the gateway is 

configured to provide network management services to the one or more 
managers; and 

one or more pluggable authentication modules which are operable to provide 
30 authentication of a manager based upon a user profile, wherein the user 
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profile corresponds to a user of one of the managers, and wherein the one 
or more pluggable authentication modules are accessible by the gateway 
and the one or more managers through a platform-independent interface; 
and 

5 

wherein the gateway is configurable to authenticate the user to receive the 
network management services using the pluggable authentication 
modules through the platform-independent interface. 

1 1 . The network management system of claim 10, wherein the one or more pluggable 
authentication modules are implemented in accordance with a platform-independent 
interface specification. 

12. The network management system of claim 11, wherein the platform-independent 
interface specification comprises a specification expressed in an interface definition 
language (IDL), wherein the interface definition language is operable to define object 
interfaces across a plurality of platforms and across a plurality of programming 
languages. 

20 13. The network management system of claim 10, wherein the pluggable 
authentication modules comprise: 

a client-side authentication library deployed on one or more client computer 
systems, wherein the client-side authentication library comprises functions 
25 which are operable to retrieve and encrypt a user profile associated with a 

user, and wherein the client-side library is implemented for one or more 
client platforms respectively corresponding to each of the one or more 
client computer systems; and 
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a server-side authentication library deployed on a server computer system coupled 
to the client computer system, wherein the server-side authentication 
library comprises functions which are operable to receive the encrypted 
user profile from the client-side authentication library and decrypt the user 
profile to authenticate the user for one or more network services, and 
wherein the server-side library is implemented for a server platform 
corresponding to the server computer system. 

14. The network management system of claim 13, wherein the user profile is 
encrypted and decrypted according to a user-selected encryption scheme. 

15. The network management system of claim 13, wherein the client-side 
authentication library and the server-side authentication library are operable to 
authenticate requests received by a CORBA gateway, wherein the requests comprise 
management requests to one or more managed objects, and wherein the management 
requests are sent by one or more manager applications. 

16. The network management system of claim 10, wherein the user profile comprises 
a user name and a password. 

17. The network management system of claim 16, wherein the user profile further 
comprises a designation of a management information server (MIS) to which the user 
wishes to connect. 

18. A network management method comprising: 

implementing a client-side authentication library for a client platform in 
accordance with a platform-independent interface specification, wherein 
the client platform corresponds to a client computer system; 
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installing the client-side authentication library on the client computer system; 

implementing a server-side authentication library for a server platform in 
accordance with the platform-independent interface specification, wherein 
the server platform corresponds to a server computer system; 

installing the server-side authentication library on the server computer system; 

encrypting a user profile associated with a user via the client-side authentication 
library; 

receiving the encrypted user profile from the client computer system via the 
client-side authentication library; 

decrypting the user profile to authenticate the user for one or more network 
services via the server-side authentication library. 

19. The network management method of claim 18, wherein the client-side 
authentication library is shared by a plurality of management applications. 

20. The network management method of claim 18, wherein the server-side 
authentication library is shared by a plurality of gateway components. 

21. The network management method of claim 18, wherein the server-side 
authentication library is implemented in C++. 

22. The network management method of claim 18, wherein the user profile comprises 
a user name and a password. 
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23. The network management method of claim 22, wherein the user profile further 
comprises a designation of a management information server (MIS) to which the user 
wishes to connect. 

24. The network management method of claim 18, wherein the platform-independent 
interface specification comprises a specification expressed in an interface definition 
language (IDL), wherein the interface definition language is operable to define object 
interfaces across a plurality of platforms and across a plurality of programming 
languages. 

25. The network management method of claim 18, wherein the user profile is 
encrypted and decrypted according to a user-selected encryption scheme. 

26. The network management method of claim 18, wherein the client-side 
authentication library and the server-side authentication library are operable to 
authenticate requests received by a CORBA gateway, wherein the requests comprise 
management requests to one or more managed objects, and wherein the management 
requests are sent by one or more manager applications. 

27. A network management method comprising: 

implementing one or more pluggable authentication modules; 

a client manager application encrypting a user profile associated with a user of a 
client manager application via one of the pluggable authentication 
modules; 

a gateway receiving the encrypted user profile from the client manager 



application; 
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the gateway decrypting the user profile to authenticate the user for one or more 
network services via the one of the pluggable authentication modules . 

28. The network management method of claim 27, wherein the one or more pluggable 
authentication modules are implemented in accordance with a platform-independent 
interface specification. 

29. The network management method of claim 28, wherein the platform-independent 
interface specification comprises a specification expressed in an interface definition 
language (IDL), wherein the interface definition language is operable to define object 
interfaces across a plurality of platforms and across a plurality of programming 
languages. 

30. The network management method of claim 27, wherein the pluggable 
authentication modules comprise: 

a client-side authentication library deployed on one or more client computer 
systems, wherein the client-side authentication library comprises functions 
which are operable to retrieve and encrypt a user profile associated with a 
user, and wherein the client-side library is implemented for one or more 
client platforms respectively corresponding to each of the one or more 
client computer systems; and 

a server-side authentication library deployed on a server computer system coupled 
to the client computer system, wherein the server-side authentication 
library comprises functions which are operable to receive the encrypted 
user profile from the client-side authentication library and decrypt the user 
profile to authenticate the user for one or more network services, and 
wherein the server-side library is implemented for a server platform 
corresponding to the server computer system. 
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31. The network management method of claim 30, wherein the client-side 
authentication library and the server-side authentication library are operable to 
authenticate requests received by a CORBA gateway, wherein the requests comprise 
management requests to one or more managed objects, and wherein the management 
requests are sent by one or more manager applications. 

32. The network management method of claim 27, wherein the user profile is 
encrypted and decrypted according to a user-selected encryption scheme. 

33. The network management method of claim 27, wherein the user profile comprises 
a user name and a password. 

34. The network management method of claim 33, wherein the user profile further 
comprises a designation of a management information server (MIS) to which the user 
wishes to connect. 

35. A carrier medium comprising program instructions for network management, 
wherein the program instructions are computer-executable to perform: 

encrypting a user profile associated with a user via a client-side authentication 
library, wherein the client-side authentication library is implemented for a 
client platform in accordance with a platform-independent interface 
specification expressed in an interface definition language (IDL), and 
wherein the client platform corresponds to a client computer system; 

receiving the encrypted user profile from the client computer system via the 



client-side authentication library; 
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decrypting the user profile to authenticate the user for one or more network 
services via a server-side authentication library, wherein the server-side 
authentication library is implemented for a server platform in accordance 
with the platform-independent interface specification, and wherein the 
5 server platform corresponds to a server computer system. 

36. The earner medium of claim 35, wherein the client-side authentication library is 
shared by a plurality of management applications. 

10 37. The carrier medium of claim 35, wherein the server-side authentication library is 
shared by a plurality of gateway components. 

38. The carrier medium of claim 35, wherein the server-side authentication library is 
implemented in C++. 

15 

39. The carrier medium of claim 35, wherein the user profile comprises a user name 
and a password. 

40. The carrier medium of claim 39, wherein the user profile further comprises a 
20 designation of a management information server (MIS) to which the user wishes to 

connect. 

41. The carrier medium of claim 35, wherein the platform-independent interface 
specification comprises a specification expressed in an interface definition language 

25 (IDL), wherein the interface definition language is operable to define object interfaces 
across a plurality of platforms and across a plurality of programming languages. 

42. The carrier medium of claim 35, wherein the user profile is encrypted and 
decrypted according to a user-selected encryption scheme. 

30 
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43. The carrier medium of claim 35, wherein the client-side authentication library and 
the server-side authentication library are operable to authenticate requests received by a 
CORBA gateway, wherein the requests comprise management requests to one or more 
managed objects, and wherein the management requests are sent by one or more manager 
applications. 

44. A carrier medium comprising program instructions for network management, 
wherein the program instructions are computer-executable to perform: 

implementing one or more pluggable authentication modules; 

a client manager application sending a user profile associated with a user of a 
client manager application via one of the pluggable authentication 
modules; 

a gateway receiving the user profile from the client manager application; 

the gateway authenticating the user for one or more network services via the one 
of the pluggable authentication modules . 

45. The carrier medium of claim 44, 

wherein the client manager application sending the user profile comprises 
encrypting the user profile prior to delivery of the user profile, 

wherein the gateway receiving the user profile from the client manager application 
comprises receiving the encrypted user profile from the client manager 
application, and 
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wherein the gateway authenticating the user for one or more network services 
comprises decrypting the user profile to authenticate the user for one or 
more network services. 

46. The carrier medium of claim 44, wherein the one or more pluggable 
authentication modules are implemented in accordance with a platform-independent 
interface specification. 

47. The carrier medium of claim 46, wherein the platform-independent interface 
specification comprises a specification expressed in an interface definition language 
(IDL), wherein the interface definition language is operable to define object interfaces 
across a plurality of platforms and across a plurality of programming languages. 

48. The carrier medium of claim 44, wherein the pluggable authentication modules 
comprise: 

a client-side authentication library deployed on one or more client computer 
systems, wherein the client-side authentication library comprises functions 
which are operable to retrieve and encrypt a user profile associated with a 
user, and wherein the client-side library is implemented for one or more 
client platforms respectively corresponding to each of the one or more 
client computer systems; and 

a server-side authentication library deployed on a server computer system coupled 
to the client computer system, wherein the server-side authentication 
library comprises functions which are operable to receive the encrypted 
user profile from the client-side authentication library and decrypt the user 
profile to authenticate the user for one or more network services, and 
wherein the server-side library is implemented for a server platform 
corresponding to the server computer system. 
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49. The carrier medium of claim 48, wherein the client-side authentication library and 
the server-side authentication library are operable to authenticate requests received by a 
CORBA gateway, wherein the requests comprise management requests to one or more 

5 managed objects, and wherein the management requests are sent by one or more manager 
applications. 

50. The carrier medium of claim 44, wherein the user profile is encrypted and 
decrypted according to a user-selected encryption scheme. 



51. The carrier medium of claim 44, wherein the user profile comprises a user name 
and a password. 



52. The carrier medium of claim 51, wherein the user profile further comprises a 
15 designation of a management information server (MIS) to which the user wishes to 



10 



connect. 
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